IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Stanislaus State Restoring Network After Unusual Activity

Stanislaus State is bringing networks back online after shutting them down last week due to suspicious activity, which caused major disruption across campus. It's still investigating and has not specified what happened.

Ransomware Cyber Security Email Phishing Internet Technology Lock Vault Protection 3d illustration
(TNS) — Stanislaus State is restoring its campus network services about a week after shutting them down as it investigated what it is calling "unusual activity" on the network.

While the university has determined it is safe to bring services back online, it has not disclosed the nature or source of the unusual activity.

The university canceled all classes at its main Turlock campus and satellite Stockton campus Feb. 17, and online classes remain canceled through Friday. There has been no Internet and Wi-Fi and campus phones have been down. Key cards were not working at the labs at the Naraghi Hall of Science. Campus eateries were accepting only cash.

Students have not been able to use an online portal called Canvas, the primary way students and professors communicate with one another between classes. This has been a major disruption for classes that rely on technology, such as graphic design, and for professors who use technology in the classroom.


A Stanislaus State email sent Thursday to the campus community stated that the university has determined the campus servers are safe and secure and it is safe to begin bringing systems back online.

"The first step in this process is to improve our University's security posture by having all faculty, staff and students reboot their on-campus computers and reset their Warrior password," the email states. "A staged process of resetting passwords began today ... .

"Please monitor your email for specific instructions and times for you to come to campus to reset your password. Once your password has been reset, access to campus systems and platforms will be re-enabled for you. ... It is vital that all students, faculty and staff respond and act so we can open the connection to the campus Internet in a timely manner."

The university said it understands the impact the disruption "may have had on our learning environment," according to the email. "We apologize for any inconvenience this may cause and appreciate your continued patience and support."

A university spokeswoman provided the email but did not provide more information, including the nature and source of the "unusual activity" and a timeline for when all network services would be restored. Stanislaus State has an enrollment of about 9,500 students, according to the California State University Chancellor's Office.

Spokeswoman Rosalee Rush said in subsequent email: "This is an ongoing investigation. This is all of the information I have to share until the assessment is complete." But she did say the campus phones are now working.

The earlier email states unusual activity was detected Feb. 16 on the campus network. "Out of an abundance of caution, the Office of Information Technology isolated and shut down the campus network, halting incoming and outgoing network activity to investigate and discern the cause of the incident," according to the email.


The Turlock university is the second local public institution to experience IT problems recently. Modesto reported earlier this month that it was conducting an investigation with cybersecurity experts after detecting what it called suspicious activity on its digital network. The Bee reported that the city's Police Department experienced a ransomware attack.

Modesto has released few details about the incident since first acknowledging it Feb. 8 when The Bee inquired. City spokesman Andrew Gonzales released this statement Thursday:

"Our investigation into suspicious activity on our digital network remains ongoing, and there is no new information to share at this time. As communicated in our previous statement there was never, and there is not currently, a disruption to emergency services' ability to service and answer 911 calls. All other City services also continue uninterrupted. Right now, our priority is to conduct a thorough investigation into this matter."

The Bee filed California Public Records Act requests Feb. 13 with Modesto for the agreements or other documentation the city has with the cybersecurity experts helping it investigate and for the city's emails, texts and other communications related to the incident.

Modesto said Thursday it will need an additional 14 days to respond.

Regarding the cybersecurity experts, it said it need more time "to consult with another agency having substantial interest in the request (such as a state agency), or among two or more components of the local agency (such as two city departments) with substantial interest in the request."

It said it needed more time regarding the city's communications "to search for, collect, and appropriately examine a voluminous amount of separate and distinct records demanded in a single request."

©2023 The Modesto Bee (Modesto, Calif.). Distributed by Tribune Content Agency, LLC.